Do I generate another SSH key for another machine?

Asked by Zearin on 2008-12-25

I followed the directions from Launchpad's help site for creating an SSH key on my laptop (instructions are at https://help.launchpad.net/YourAccount/CreatingAnSSHKeyPair).

However, I'm otherwise pretty ignorant about how these things work. I can see that my Launchpad page shows the public key that I uploaded. However, do I go through the same exact process on my desktop as well? Or do I reuse part of what I generated the first time?

So confused. :-/

Question information

Language:
English Edit question
Status:
Solved
For:
Launchpad itself Edit question
Assignee:
No assignee Edit question
Solved by:
Adam Buchbinder
Solved:
2009-01-16
Last query:
2009-01-16
Last reply:
2009-01-08
Zearin (zearin) said : #1

Anyone? Am I supposed to put the public key from my Launchpad User page on my desktop and generate a private key from that or something?

I mean, SHOULD my pub/private keys (for Launchpad, or for everything in general) be the same on my laptop and desktop, or no?

Muharem Hrnjadovic (al-maisan) said : #2

Hello there!

You should generate a public/private key pair on your local system and then make the *public* key known to Launchpad as explained in the

https://help.launchpad.net/YourAccount/CreatingAnSSHKeyPair#Registering%20the%20key%20with%20Launchpad

section.

Zearin (zearin) said : #3

Well … that is not exactly what I need help with :) I have already done that.

I have followed those instructions for my laptop. My question is, am I supposed to use the same key with my *desktop*? (And if so, how do I go about it?)

You don't need to create a new key for your desktop. Creating more copies of your SSH key will allow you to log in from more than one place. Make sure you only keep your keys where nobody else can get to them. You should always have a passphrase on your key to mitigate the danger of losing it.

In short, you just need to copy the files ~/.ssh/id_rsa and ~/.ssh/id_rsa.pub from your laptop to your desktop. *Do not* send them over an insecure channel, e.g. attached to an unencrypted email, over instant messaging, etc. Send them via SSH, or copy them to a USB stick to transfer them, then delete them from the stick when you're done.

On your laptop and your desktop, you should see roughly the same thing (though, of course, your username will be different):

$ ls -l ~/.ssh/id_rsa*
-rw------- 1 abuchbinder abuchbinder 1743 2009-01-06 11:52 /home/abuchbinder/.ssh/id_rsa
-rw-r--r-- 1 abuchbinder abuchbinder 404 2009-01-06 11:52 /home/abuchbinder/.ssh/id_rsa.pub

Since you're using OSX--I'm guessing from your profile page and the comment on your public RSA key there--it might look a bit different, but it should still work. Please let me know if you have any questions or run into any difficulty.

In a broader sense, the question of whether your keys should be the same in different places can be somewhat complicated. I've generated different keys for work and personal purposes in the past, because I wasn't the only person with root access to my workstation at work.

On the other hand, if you have two computers in the same house that are used for roughly the same purposes (which is what I'm guessing you have), it only complicates matters to make two separate SSH keys (everyone who wants to allow access for you has to add both of them), and it doesn't provide any real security benefit.

Zearin (zearin) said : #6

Thanks Adam Buchbinder, that solved my question.

Damien D. (ddelangle) said : #7

hi there,

I am facing the same question
1-I have generated a keypair on my laptop
2-The public part is added to my launchpad profile
3-I can push, pull,... on private branches

I copied this keypair to my PC. from that PC I always have the same error:

Permission denied (publickey).
bzr: ERROR: Connection closed: Unexpected end of message. Please check connectivity and permissions, and report a bug if problems persist.

Any idea?

The only difference I found is that my linux username is different between my laptop an my pc.

Damien D. (ddelangle) said : #8

Sorry,
everything is ok... this was a mistake on my side!